Multi-party secure information integration system

ABSTRACT

A method of the present disclosure includes a host system authenticating a user of the user device to access secure host information associated with the user in a database. A request may be transmitted to a third-party system to access secure third-party information stored by the third party based on third-party authentication information. The host system may receive the secure third-party information and store the secure third-party information in a memory location of the database that is associated with a different memory location including the secure host information. The memory location and the different memory location may be associated in the database based on a common information type. The host system may generate a graphical user interface that positions the secure host information and the secure third-party information in the graphical user interface based on their respective location in the database.

CROSS-REFERENCE TO RELATED APPLICATION

This application is a continuation of U.S. patent application Ser. No.17/060,207 filed Oct. 1, 2020, which is a continuation of U.S. patentapplication Ser. No. 16/446,874 filed on Jun. 20, 2019, which is acontinuation of U.S. patent application Ser. No. 16/037,108 filed onJul. 17, 2018, now U.S. Pat. No. 10,372,933 issued Aug. 6, 2019, whichis a continuation of U.S. patent application Ser. No. 15/284,942 filedon Oct. 4, 2016, now U.S. Pat. No. 10,055,605 issued on Aug. 21, 2018,which claims priority to U.S. Provisional Application No. 62/237,892,filed Oct. 6, 2015 and titled “Multi-Party Secure InformationIntegration System,” the entirety of each of which is herebyincorporated by reference herein.

TECHNICAL FIELD

The present disclosure relates to information security, and moreparticularly, though not necessarily exclusively, to secure informationintegration systems for integrating secure information from multiplesources.

BACKGROUND

Certain information is sensitive, requiring authentication processes tosecure the information stored in a database and ensure that the storedinformation is accessible only to authorized users of a web-basedplatform. For example, a user seeking to access the stored informationfrom a user device via a network may enter authentication information,such as a user name or password specific to the user or information,prior to the database allowing access to the information. Certaindatabase associations between the authentication information and thestored secure information may be used to maintain the security of theinformation

SUMMARY

In some aspects, a system may include a processor and a memory device.The processor may be coupled to a database having a plurality of memorylocations. The memory device may be accessible to the processor andinclude instructions that may be executed by the processor to cause theprocessor to receive (i) secure host information corresponding to a userand hosted on the system by a host party and (ii) secure third-partyinformation corresponding to the user and hosted on a third-party systemby a third party. The instructions may also be executed by the processorto cause the processor to create a secure database. The database may becreated by storing the secure host information and the securethird-party information in a subset of memory locations of the pluralityof memory locations. The database may also be created by associatingmemory locations of the subset with each other based on a commoninformation type corresponding to a common type of the secure hostinformation and the secure third-party information stored in the subset.The database may also be created by associating the subset with anadditional memory location of the plurality of memory locations having astored user identifier corresponding to the user. The additional memorylocation may be associated with an additional subset of memory locationsof the plurality of memory locations.

In certain aspects, the additional subset of memory locations mayinclude stored host authentication information that may be used toauthenticate the user to access the host secure information on a hostwebsite hosted by the host party. The additional subset of memorylocations may also include stored third-party authentication informationthat may be used to authenticate the system to retrieve updated securethird-party information from the third-party system. The instructionsmay also be executed by the processor to cause the processor to create agraphical user interface that includes the secure host information andthe secure third-party information positioned on the graphical userinterface based on a location of the secure host information and thesecure third-party information in the database. The graphical userinterface may be displayed on the host website and accessible to theuser subsequent to authenticating the user based on the hostauthentication information.

In additional aspects, a method may include authenticating, by a hostsystem communicatively coupled to a user device via a network, a user ofthe user device to access secure host information associated with theuser in a database. The method may also include transmitting, by thehost system, a request to a third-party system to access securethird-party information stored by the third-party, the request includingthird-party authentication information associated with the user in thedatabase for authenticating the host party by the third-party system.The method may also include receiving, by the host system, the securethird-party information from the third-party system. The method may alsoinclude storing, by the host system, the secure third-party informationin a memory location of the database that is associated with a differentmemory location including the secure host information, the memorylocation and the different memory location being associated in thedatabase based on a common information type corresponding to a commontype of the secure host information and the secure third-partyinformation. The method may also include generating, by the host system,a graphical user interface including the secure host information and thesecure third-party information positioned in the graphical userinterface based on the location of the secure host information and thesecure third-party information stored in the database.

In further aspects, a host system may include a database hosted by ahost system. The database may include a plurality of memory locationsfor storing (i) secure host information and (i) secure third-partyinformation received from a third-party system that is separate from thehost system. The plurality of memory locations may include a subset ofmemory locations associated with each other based on a commoninformation type corresponding to a common type of the secure hostinformation and the secure third-party information stored in the subsetof memory locations. In certain aspects, the subset of memory locationsmay be used by a processor communicatively coupled to the database tocreate a graphical user interface that includes the secure hostinformation and the secure third-party information in positions that arebased on a location of the secure host information and the securethird-party information in the database.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a schematic block diagram of an example of a host integrationsystem for integrating secure information from multiple partiesaccording to one aspect of the present disclosure.

FIG. 2 is a block diagram of an integration server device of FIG. 1according to one aspect of the present disclosure.

FIG. 3 is a block diagram depicting associations in a database of theintegration system of FIG. 1 according to one aspect of the presentdisclosure.

FIG. 4 is a flow chart of a process for generating a user interface todisplay integrated secure information according to one aspect of thepresent disclosure.

FIG. 5 is an example of a user interface for receiving authenticationinformation according to one aspect of the present disclosure.

FIG. 6 is an example of a user interface displaying integrated secureinformation separated by an information type according to one aspect ofthe present disclosure.

FIG. 7 is an example of a user interface displaying a list of secureuser information including an information type according to one aspectof the present disclosure.

FIG. 8 is an example of a user interface aggregating valuescorresponding to secure user information of a common type according toone aspect of the present disclosure.

FIG. 9 is flow chart of a process for modifying integrated secureinformation according to one aspect of the present disclosure.

FIG. 10 is an example of a user interface showing outdated securethird-party information according to one aspect of the presentdisclosure.

DETAILED DESCRIPTION

Certain aspects and features relate to integrating secure hostinformation managed by a host system with additional secure informationmanaged by one or more third-party systems by generating graphical userinterfaces that include the secure host information and the securethird-party information positioned based on the memory locations of thesecure information in a database. In some aspects, the host system maycreate the database with multiple memory locations and may storeportions of the secure host information and the secure third-partyinformation in subsets of the memory locations that are separated basedon an information type corresponding to the secure information. Thegraphical user interface generated by the host system may replicate thesubsets of the memory locations by displaying the secure informationstored in each subset in groups corresponding to each subset.

In some aspects, the host system may securely store informationbelonging to clients of a host party and may allow the clients to store,access, and manage the client's information remotely via a network. Thethird-party system may similarly store secure information belonging toclients of a third party and allow such clients to store, access, andmanage the client's information remotely via the network. The hostsystem and the third-party system may be disparate systems that arecommunicatively coupled via the network. The communication path betweenthe host system and the third-party system may allow secure informationcorresponding to an overlapping client (e.g., a client of both the hostparty and the third party) to be transmitted from the third-party systemto the host system and stored in the memory locations of the database.

The memory locations of the database may correspond to virtual orphysical locations for storing user information corresponding to clientsof the host system and third-party system. For example, a virtuallocation may include an allocated storage location within a virtualstorage environment (e.g., a virtual database on a cloud) that isaccessible to the user. A physical location may include an allocatedstorage location with a physical storage environment (e.g., a physicaldatabase). The memory locations may be associated with a user identifiercorresponding to the user, or client, to whom the secure informationcorresponds. The user identifier may be used to associate the secureinformation with authentication information that is usable to secure theinformation in the database by requiring user authentication to accessthe information. In one example, the authentication information includeshost authentication information for authenticating the user on the hostsystem and third-party authentication information for authentication theuser on the third-party system. The host authentication and thethird-party authentication information may be associated with each otherin the database directly or via the user identifier to allow the hostsystem to use the third-party authentication information to retrieveupdated third-party information from the third party on behalf of theuser subsequent to authenticating the user by the host system.

In additional aspects, the host system may generate user interfacesdisplaying integrated secure information including the securethird-party information and the secure host information with selectionoptions to allow the user to modify the secure third-party information.In response to a request to modify the secure third-party informationvia selection of one of the options generated by the host system, thehost system may transmit an electronic signal to the third-party system.The electronic signal may include the third-party authenticationinformation to authenticate the user and user interface components toallow the third-party system to generate a user interface for modifyingthe secure third-party information. The interface components may includeprogramming code for generating headers, icons, and other visualelements to allow the third-party system to generate the user interfacefor modifying the secure third-party information. The visual elementsincluded on the user interface generated by the third party may causethe user interface to appear to be a user interface generated by thehost system. Subsequent to modifying the secure host information or thesecure third-party information, the system may generate a user interfaceto display updated integrated secure information including any updatedsecure third-party information or secure host information.

Since the host system is a host to at least a portion of the secureinformation, the host system can ensure that appropriate authenticationis implemented to provide the third-party information to the user in amanner as secure as if the user were accessing the third-partyinformation directly from the third-party system. For example, thesystem may associate third-party authentication information provided tothe system by the user with authentication information provided to thesystem for accessing the secure host information directly accessible bythe system. The authentication of the user to view the secureinformation hosted by the system may then serve as authentication of thesame user to view third-party information hosted on a third-partysystem.

In some aspects, the associations between the memory locations of adatabase including the secure information may allow the host system tocreate relationships between disparate secure information received fromdifferent sources (e.g., based on a common information type). Therelationships may be created while simultaneously maintaining an abilityto distinguish between the source of the information stored in each ofthe associated memory locations. The ability to create relationshipsbetween the secure information in the database may allow the informationto be presented to a user in an organized fashion with reducedprocessing time. For example, a processor generating a graphical userinterface that displays the secure information stored in the databasemay rely on the database associations to organize the information ratherthan use additional processing power and time to determine therelationships between the secure information upon each user request toview the secure information. This may be particularly useful to preventoverburdening the processor when the processor is handling multiple userrequests for secure information simultaneously.

The ability to distinguish between the sources of the information storedin the database (e.g., the host system versus one or more third-partysystems) throughout such processing operations may allow the processorto determine quickly whether a user requesting the secure information isauthenticated to view the secure information from each of the respectivesources. A system according to certain aspects of the present disclosuremay be useful for hosting information related to a user interface thatthe user would deem sensitive in nature. For example, the informationmay relate to financial information. The system may allow a hostfinancial institution having financial information related to a user toaccess additional financial information hosted by a third party and todisplay all of the user's financial information on a single, securesystem of the host financial institution.

As one example, a user may attempt to access a web-based system hostedby a financial institution. The system may authenticate automaticallythe user on the third-party system based on authenticating the user toview the secure information hosted by the financial institution via thesystem. The system may send a request to the third-party system forfinancial information, such as account balances for the user's accountshosted by the third party. The system may also display the third-partyaccount balances on a web user interface generated by the systemintegrated with account balances for accounts managed or hosted by thehost financial institution. To the extent the secure third-partyinformation requires modifying, the system may also provide selectionoptions (e.g., deep links) to allow the user to access the third-partysystem to make necessary changes to the secure third-party information.The webpage accessible by the deep links may be hosted by the thirdparty, but the system may provide user interface components (e.g.JavaScript, HTML) to allow the third-party system to provide a userinterface that appears to be hosted by the host financial institution.This may provide the user with a consistent and controlled userexperience. In some aspects, the third-party system may include a deeplink back to the system. When the request to return to the system isinitiated, the system may update or refresh the secure third-partyinformation to account for the modifications made during the user'svisit to the third-party system.

Detailed descriptions of certain examples are discussed below. Theseillustrative examples are given to introduce the reader to the generalsubject matter discussed here and are not intended to limit the scope ofthe disclosed concepts. The following sections describe variousadditional aspects and examples with reference to the drawings in whichlike numerals indicate like elements, and directional descriptions areused to describe the illustrative examples but, like the illustrativeexamples, should not be used to limit the present disclosure. Thevarious figures described below depict examples of implementations forthe present disclosure, but should not be used to limit the presentdisclosure.

Various aspects of the present disclosure may be implemented in variousenvironments. FIG. 1 shows an example of a network environment includinga host system 100 that may be used to integrate secure information frommultiple parties with secure information from the host system 100according to one aspect of the present disclosure. The host system 100includes an integration server device 102 and a database device 104managed by a host party. The integration server device 102 iscommunicatively coupled to the database device 104. The integrationserver device 102 may include a processing device or other means formanaging the security of information stored in the database device 104.For example, the integration server device 102 may authenticate a userto access, view, and modify the information stored in the databasedevice 104. The information stored in the database device 104 mayinclude secure information corresponding to one or more clients of thehost party (e.g., the users). The database device 104 may also storeuser identification information associated with user accountinformation. The user information may include personal identificationinformation related to the user, authentication information unique tothe user to allow the user to view secure information via the system, orother information associated with the user.

The integration server device 102 is also communicatively coupled to athird-party system 106 separate from the host system 100 by a network108, such as the Internet. The third-party system may be hosted by athird party and is physically separate from the host system 100. Thehost system 100 and the third-party system 106 may include secureinformation belonging to one or more of the same clients. Thethird-party system 106 may host and store additional secure informationcorresponding to the overlapping clients. In some aspects, thethird-party system 106 may transmit the secure information hosted by thethird party to the host system 100 via the network 108. In additionaland alternative aspects, the secure third-party information receivedfrom the third-party system 106 may also be stored in the databasedevice 104. Although only one third-party system 106 is shown in FIG. 1,the third-party system 106 may represent multiple third-party systemscommunicatively coupled to the host system 100 by the network 108.Similarly, though only a single database device 104 is shown in FIG. 1,the database device 104 may represent multiple database devices. In someaspects, the database device 104 may be shared with one or more of thedisparate host systems. In other aspects, the database device 104 may beintegral to the integration server device 102.

The host system 100 may communicate with user devices 110 operated bythe clients, or users, of the host system 100. The integration serverdevice 102 may be communicatively coupled to the user devices 110 viathe network 108. The integration server device 102 may generate userinterfaces and provide the user interfaces to a user device 110 over thenetwork 108. The integration server device 102 may also receive requestsand commands from the user device 110, and configure the user interfacesto be provided to the user device 110 in response to the requests andcommands. The user device 110 may be a computing device, such as alaptop, mobile phone, desktop computer, personal digital assistant,tablet, wearable device, etc., that may display content in a web browseror other user interface. In some aspects, the user device 110 mayrepresent multiple user devices communicatively coupled, directly orindirectly, to the host system 100 over the network 108. For example,the user device 110 may represent a wearable device (e.g., a smartwatch) communicatively coupled to a mobile phone. The mobile phone maybe communicatively coupled to the integration server device 102. Theintegration server device 102 may receive requests and commands from andprovide user interfaces to the wearable device via the mobile phone.

In some aspects, the host system 100 may be communicatively coupled tothe third-party system 106 a service bus 112 in addition oralternatively to the network 108. In some aspects, the host system 100may utilize the service bus 112 or the network 108 to communicate withthe third-party system 106 depending on the purpose of thecommunication. As one example, the integration server device 102 maycommunicate with the third-party system 106 using the service bus 112 toretrieve secure third-party information from the third-party system 106.The integration server device 102 may communicate with the third-partysystem 106 using the network 108 to allow a user of the host system 100to access user interfaces generated by the third-party system 106 formodifying secure third-party information displayed by the system. Inanother example, the integration server device 102 may communicate withthe third-party system 106 using the service bus 112 to transmit userinterface components or other proprietary information to allow thethird-party system 106 to generate user interfaces that appear to begenerated by the system for modifying the secure third-partyinformation. Integration server device 102 may communicate with thethird-party system 106 via the network 108 to authenticate the user toview the secure third-party information, retrieve the secure third-partyinformation, or to allow a user of the host system 100 to access userinterfaces generated by the third-party system 106 for modifying securethird-party information displayed by the system. In other examples, allcommunication between the third-party system 106 and the host system 100may be through only the service bus 112 or the network 108 withoutdeparting from the scope of the present disclosure.

FIG. 2 shows a block diagram of the integration server device 102 ofFIG. 1 that may implement an aspect of the present disclosure. Theintegration server device 102 includes a processor 200, memory 202, anda network interface 204 connected by a bus 206. The processor 200 mayexecute instructions stored in the memory 202 to perform operations ofthe integration server device 102. The processor 200 may include asingle processing device or multiple processing devices. Non-limitingexamples of the processor 200 include a field-programmable gate array,an application-specific integrated circuit (“ASIC”), and amicroprocessor. The memory 202 includes a storage device that retainsinformation when powered off. Non-limiting examples of the memory 202include electrically erasable and programmable read-only memory, a flashmemory, or any other type of non-volatile memory.

In some examples, at least a portion of the memory 202 may include acomputer-readable medium from which the processor 200 can access andexecute instructions of the memory 202. A computer-readable medium mayinclude electrical, optical, magnetic, or other storage devices capableof providing the processor 200 with computer-readable instructions orother program code. Non-limiting examples of a computer-readable mediuminclude magnetic disks, memory chips, read-only memory, random-accessmemory, an ASIC, a configured processor, optical storage, or any othermedium from which the processor 200 may read instructions. Theinstructions may include processor-specific instructions generated by acompiler or an interpreter from code written in any suitablecomputer-programming language, including, for example, C, C++, C#,COBOL, Java, etc.

The instructions include one or more applications or other means forinstructing the processor 200 to perform the functions of theintegration server device 102. In some aspects, the instructions includeintegration engine 208, association engine 210, and modification engine212, each including one or more algorithms executable by the processor200. For example, integration engine 208 may include algorithms or otherinstructions to cause the processor 200 to determine the memorylocations and associations of secure information in the database device104 of FIG. 1. Based on the memory locations and associations, theintegration engine 208 may integrate secure host information stored inthe database device 104 with secure third-party information stored inthe database device 104. The association engine 210 may receive thesecure host information from the host party, or in some instances, theuser, and receive the secure third-party information from the thirdparty. The association engine 210 may determine in which memorylocations of the database device 104 of FIG. 1 to store the informationsuch that associations between the information are formed in thedatabase device 104. The modification engine 212 may allow the user, thehost party, or the third party to modify the secure host information orthe secure third party information stored in the database device 104 andmay, with or independently from the association engine 210, store themodified secure information in the appropriate memory locations of thedatabase device 104.

The memory 202 also includes a datastore 214 in which content and datamay be stored. For example, the datastore 214 include interface content216 corresponding to web components (e.g., logos, icons, and other webimage files), instructions, and other means for generating userinterfaces. In some aspects, the user interfaces generated using theinterface content 216 may be displayed on a website hosted by the hostsystem 100 of FIG. 1 to allow a user to modify the secure hostinformation stored in the database device 104 of FIG. 1. In additionaland alternative aspects, the user interfaces generated using theinterface content 216 may be displayed on a website hosted by thethird-party system 106 of FIG. 1 to allow a user to modify securethird-party information. Although the interface content 216 is shown asstored in the datastore 214 of the memory 202, the interface content 216may be similarly stored in the database device 104 of FIG. 1 withoutdeparting from the scope of the present disclosure.

The network interface 204 may include a network card or other means forcommunicatively coupling the host system 100 of FIG. 1 to a network(e.g., network 108 of FIG. 1). For example, the network interface 204may allow user devices, such as the user device 110, to access the hostsystem 100 to receive user interfaces that allow a user to access, view,and modify secure information. The network interface 204 may also couplethe host system 100 to the network to allow information and data to betransmitted between the host system 100 and the third-party system 106of FIG. 1 via the network 103. In some aspects, the network interface204 may also include allow for communication between the host system 100and the third-party system 106 via the service bus 112 of FIG. 1

FIG. 3 is a block diagram of the database 104 of FIG. 1 depictingassociations of memory locations and information within in the database104 according to one aspect of the present disclosure. The database 104includes stored information, including user identifiers, userauthentication information, and secure user information. The storedinformation is stored in various memory locations of the database 104.Different stored information may be stored in a manner such that theinformation is associated in the database 104. For example, the memorylocations of the database 104 may be associated as represented by thesolid arrows in FIG. 3. The stored information may be stored inassociated memory locations to associate the information stored therein.In some aspects, one or more memory locations may be associated via arelational table or matrix having rows or columns that are associated,or otherwise linked. In additional and alternative aspects, the memorylocations, or the information included therein, may include one or moremarkers, objects, or other associating means to link the storedinformation.

In FIG. 3, the client identifiers are stored in a set of memorylocations 300. The user identifiers may include informationcorresponding to an identity of a client, account holder, or member ofthe host party and user of a user device (e.g., user device 110 of FIG.1). In some aspects, the user identifiers stored in the memory locations300 include a unique set of alphanumeric characters, such as an onlinebanking (“OLB”) number assigned to clients to distinguish accountholders of each account managed by the host party. In other aspects, theuser identifiers include a unique set of alphanumeric charactersprovided by or issued to each user, including, but not limited to, asocial security number, a personal identification number, an emailaddress, a username, or a password.

Each memory location of the database 104 storing information connectedto the user is associated with the memory location 300 storing the useridentifier of the user. For example, the database 104 includes a set ofmemory locations 302 including the user authentication information forthe user. The user authentication information includes at least hostauthentication information and third-party authentication information.The host authentication information may be used to authenticate the userto view the secure host information stored in the database 104. In someaspects, the host authentication information may also be used toauthenticate the user to view any secure third-party information storedin the database 104. The third-party authentication information may beused by the host system 100 to authenticate the host system 100 toretrieve secure third-party information on the third-party system 106 ofFIG. 1. In some aspects, the third-party authentication information maybe received from the user and stored in the memory location 302 of thedatabase 104 to allow the host system 100 to authenticate automaticallythe user to retrieve updated secure third-party information from thethird-party system 106. The updated secure third-party information maybe retrieved in response to the user being authenticated by the hostsystem based on the host authentication information. In some aspects,the host authentication information and the third-party authenticationinformation corresponding to the same user may be stored in the samememory location in the set of memory locations 302. In other aspects,the host authentication information and the third-party authenticationinformation may be stored in separate memory locations in the set, butmay be associated with each other in the database 104. Each of the hostauthentication information and the third-party authenticationinformation stored in the set of memory locations 302 may be associatedwith the memory location 300 including the user identifier of the usercorresponding to the host authentication information and the third-partyauthentication information.

The secure user information are stored in memory locations that areassociated with the memory location 300 including the user identifier ofthe user that is the holder, manager, owner, or is otherwise associatedwith the secure user information. The secure user information is storedin sets of memory locations 304, 306, 308. Each set of memory locations304, 306, 308 may correspond to a type of secure user information andinclude multiple memory locations for storing secure informationcorresponding to that type. In some aspects, the type of the secure userinformation may be identified based on a type identifier correspondingto the information type, an information format unique to the informationtype, a source identifier corresponding to a system (e.g., the hostsystem 100, the third-party system 106, etc.) for storing informationhaving the information type, or other means for identifying theinformation type. For example, the secure user information having type Ais stored in set of memory locations 304. The set of memory locations304 includes memory location labeled Location 1—Type A that includessecure host information having type A and a memory location labeledLocation 1—Type B that includes secure third-party information havingtype A. The set of memory locations 304 also include one or moreadditional memory locations represented by the memory location labeledLocation N—Type A. In some aspects, Location N—Type A may be reservedfor additional secure information of type A corresponding with the sameuser. In addition to the association between the memory location 300having the user identifier of a user with the memory locations 304having the secure user information of the same user, each of the memorylocations 304 may also be associated with each other based on theirmutual association with the same user identifier and their sameinformation type.

Each of the sets of memory locations 306, 308 also include secure userinformation stored in the manner described for the memory locations 304.For example, the set of memory locations 306 may correspond to secureuser information having type B. The memory locations 306 include securehost information having type B and secure third-party information havingtype B in the memory locations labeled Location 1—Type B and Location2—Type B, respectively. The set of memory locations 308 may correspondto secure user information having type N. The memory locations 308include secure host information having type N and secure third-partyinformation having type N in the memory locations labeled Location1—Type N and Location N—Type B, respectively. Each of the sets of memorylocations 306, 308 may include one or more additional memory locations(e.g., memory location labeled Location N—Type B, memory locationlabeled Location N—Type N) that are associated with the other memorylocations in the respective set and reserved for additional secure userinformation of types B and N, respectively.

In some aspects, the secure user information stored in the memorylocations of the database 104 may be updated based on a modification ofthe stored information. For example, a user may choose to modify securehost information having a type N stored in the memory location labeledLocation 1—Type N. Subsequent to the modification, modified hostinformation—type N 210 corresponding to the modification may be storedin the memory location in place of the previously stored secure hostinformation having type N. Similarly, a user may choose to modify securethird-party information having a type N stored in the memory locationlabeled Location 2—Type N. Subsequent to the modification, modifiedthird-party information—type N 212 may be stored in the memory locationin place of the previously stored secure third-party information havingtype N.

In further aspects, additional secure information may be added to thedatabase 104. For example, a new third party may have secure information(e.g., secure new third-party information 314) corresponding to a userof the host system 100. The secure new third-party information 314 mayinclude information having type A and information having type N. Thedatabase 104 may store the secure new third-party information 314 havingtype A in a memory location of the set of memory locations 304 beingassociated based on the type A. The database 104 may store the securenew third-party information 314 having type N in a memory location ofthe set of memory locations 308 associated based on the type N. Thesecure new third-party information 314 may be associated with the useridentifier corresponding to the user and with the stored secure userinformation having the same type based on the memory location in whichit is stored.

FIGS. 4-10 include flow charts and corresponding user interfacesillustrating processes for displaying and modifying secure hostinformation and secure third-party information (collectively, integratedsecure information). The processes in FIGS. 4 and 9 are described withrespect to FIGS. 1-3 and the corresponding screenshots, FIGS. 5-8 and10, although other implementations are possible without departing fromthe scope of the present disclosure. Although the processes shown inFIGS. 4 and 9 are described in a particular order, the processing stepsmay be performed in various orders without departing from the scope ofthe present disclosure. Similarly, steps in each of the processes may beomitted or performed in alternative ways without departing from thescope of the present disclosure.

Displaying the Integrated Secure Information

FIG. 3 shows a flow chart of a process for generating a user interfaceto display integrated secure information according to one aspect of thepresent disclosure.

In block 400, the integration server device 102 receives a request fromthe user to view the integrated secure information. In some aspects, therequest may be received in response to a selection by the user of theuser device 110 of an option to view the integrated secure informationon a user interface generated by the integration server device 102 or aseparate network server device of another system. The selection optionmay be in the form of a hyperlinked button or text, a direct linkinserted into a web browser on the user device 110, or other means forallowing the user to transmit a request to the host system 100 to viewthe integrated secure information. In additional and alternativeaspects, the request may be received in response to an attempt orrequest by the user to access the host system 100 from the user device110 via the integration server device 102. The request may betransmitted by the integration server device 102 to the integrationserver device 102 for a determination of whether the user is authorizedto view the integrated secure information.

In block 402, the integration server device 102 may determine whetherthe user is authorized to view the secure host information. In someaspects, the determination may be made based on whether the user haspreviously provided authentication information for accessing the hostsystem 100. The authentication information may have been previouslyprovided in response to user input provided by the user on a userinterface generated by the integration server device 102. In someaspects, the user may be authorized to view the secure host informationbased on previous authorization to view secure information on anotherapplication. For example, the user may have provided authenticationinformation for another system having means for viewing the sameinformation and hosted by the same entity as the host of the host system100. The host system 100 may determine that the user is authorized toview the secure host information based on the host authenticationinformation provided to the other system. In additional aspects, theuser may be authorized to view the secure host information based onaccessing the host system 100 from the user device 110. For example,device information corresponding to the user device 110 may beassociated with the user in the database device 104 to allow the user tobe authenticated by the host system 100 based on the device informationtransmitted to the host system 100 with the request to view theintegrated secure information from the user device 110.

In block 404, the integration server device 102 generates a userinterface for receiving host authentication information in response to adetermination by the integration server device 102 that the user is notauthorized to view the secure host information. The user interface mayinclude options or inputs to allow the user to provide hostauthentication information for accessing the host system 100 and viewingthe secure host information. The host authentication information mayinclude a username, account number, password, personal identificationnumber, or other information unique to the user to authenticate that theuser is permitted to view the secure host information.

FIG. 5 is an example of a user interface 500 for receiving hostauthentication information according to some aspects of the presentdisclosure. In some aspects, the user interface 500 may be generated bythe integration server device 102 to allow the user to enter hostauthentication information for accessing the host system 100. The userinterface may include inputs 502 to allow the user to enter alphanumerictext from the user device 110 corresponding to a user identifier (“userid”) and a password unique to the user. The host authenticationinformation may ensure that the user is authorized to access and viewthe secure information. Subsequent to a user selection of the “SecureLogon” selection option 504, the user device 110 may transmit the hostauthentication information to the integration server device 102 via thenetwork 108. The integration server device 102 may transmit theauthentication information to the integration server device 102 forauthenticating the user.

Returning to FIG. 4, in block 406, the integration server device 102receives the host authentication information. In some aspects, the hostauthentication information may be received via a transmission from theuser device 110 based on a selection of an option displayed on a userinterface for submitting the host authentication information (e.g.,selection option 504 of FIG. 5).

In block 408, the integration server device 102 authenticates the userto view the secure host information. In some aspects, the integrationserver device 102 may authenticate the user if there is a match betweenthe host authentication information transmitted to the integrationserver device 102 by the user and authentication information stored inthe database device 104 and associated with the user. For example, theintegration server device 102 may identify the user based on a useridentifier stored in the database 104 compared against the useridentifier (e.g., username) entered in an input of the user interfacefor receiving the host authentication information described in block 404(e.g., inputs 502 of FIG. 5). The integration server device 102 mayidentify the host authentication information stored in a memory locationthat is associated with the memory location storing the user identifierand compare the stored host authentication information with theinformation (e.g., password) entered in the inputs 502 of FIG. 5 todetermine the match and authenticate the user.

In block 410, the integration server device 102 determines if the useris authorized to view the secure third-party information. In someaspects, this determination may include comparing previously providedthird-party authentication information associated with the user in anassociated memory location of the database 104. For example, a userhaving previously accessed the system may have provided authenticationinformation for viewing the secure third-party information on thethird-party system 106. The integration server device 102 may haveassociated the provided authentication information with the user in thedatabase device 104 to allow the integration server device 102 toauthorize automatically the user to view the secure third-partyinformation based on a determination that the user is authorized to viewthe secure host information (e.g., based on authenticating the user onthe host system 100).

In block 412, the integration server device 102 may generate a userinterface for receiving the secure third-party authenticationinformation in response to a determination by the integration serverdevice 102 that the user is not authorized to view the securethird-party information. Similar to the user interface 500 of FIG. 5described in block 404, the user interface may include options or inputsto allow the user to provide third-party authentication information foraccessing the host system 100 and viewing the secure third-partyinformation. The third-party authentication information may include ausername, account number, password, personal identification number, orother information unique to the user to authenticate that the user ispermitted to access and view the secure third-party information.

In block 414, the integration server device 102 receives the third-partyauthentication information. The third-party authentication informationmay be received via a transmission from the user device 110 based on aselection of an option displayed on a user interface for submitting thethird-party authentication information described in block 406.

In block 416, the integration server device 102 associates thethird-party authentication information with the user in the databasedevice 104. The integration server device 102 may associate thethird-party authentication information with the user by storing thethird-party authentication information in a memory location associatedwith the memory location including the user identifier for the user. Insome aspects, the third-party authentication information may allow theintegration server device 102 to authenticate the user on thethird-party system 106 to receive the secure third-party informationfrom the third party.

In block 418, the integration server device 102 retrieves the securethird-party information. In some aspects, the integration server device102 may retrieve the secure third-party information from the third partyusing the third-party authentication information. For example, theintegration server device 102 may transmit a request for the third-partyinformation to the third-party system 106 using the third-partyauthentication information. The third-party system 106 may authenticatethe integration server device 102 based on the third-partyauthentication information and transmit the third-party authenticationinformation to the integration server device 102. The integration serverdevice 102 may store the information in the database 104 in a mannerthat associates the secure third-party information with the user. Insome aspects, future requests to view the integrated secure informationmay allow the user to access the secure third-party information storedin the database based on the user being authenticated using the hostauthentication information. The integration server device 102 may onlyrequire the third-party authentication information when requestingupdated secure third-party information.

In block 420, the integration server device 102 may retrieve the securehost information corresponding to the user. The integration serverdevice 102 may retrieve the secure host information from the databasedevice 104. In some aspects, the integration server device 102 mayretrieve the secure host information based on the memory location beingassociated with a memory location including the user identifiercorresponding to the user.

In block 422, the integration server device 102 may generate a userinterface to display the integrated secure information including thesecure host information and the secure third-party information. In someaspects, the user interface may allow the secure host information andthe secure third-party information to be displayed at the same time. Forexample, the integration server device 102 may generate a user interfaceas shown in FIG. 6.

FIG. 6 depicts an example of a user interface 600 for displaying boththe secure host information and the secure third-party informationtogether as integrated secure information. The user interface 600 shownin FIG. 6 includes integrated secure information related to bankinginformation. The secure host information may be displayed as an accountbalance at a host financial institution. The user interface 600 mayallow the user to view the integrated secure information on a singleuser interface.

The user interface 600 includes selection options 602, 604, 606 totoggle between a display of only the secure host information, a displayof only the secure third-party information, and a display of theintegrated secure information including both the secure host informationand the secure third-party information. For example, user interface 600includes the selection option 602 labeled “Host Accounts,” the selectionoption 604 labeled All Accounts,” and the selection option 606 labeled“Show hidden Host Account(s).” Selection of the option 602″ may causethe integration server device 102 to generate or modify the userinterface displaying only the secure host information (e.g., balanceinformation related to host accounts). Selection of the option 604 maycause the integration server device 102 to generate or modify the userinterface displaying the integrated secure information as shown in FIG.6 (e.g., balance information related to host accounts and third-partyaccounts). Selection of the “Show hidden host account(s)” may allow theuser to toggle between a user interface generated by the integrationserver device 102 displaying the integrated secure information and auser interface generated by the integration server device 102 displayingonly the secure third-party information (e.g., hiding the secure hostinformation from the display).

In additional and alternative aspects, the integration server device 102may generate user interfaces to display the integrated secureinformation by one or more information types associated with the securehost information or the secure third-party information. Non-limitingexamples of information types may include account types and categorytypes. In some aspects, account types may include a particular type ofaccount (e.g., checking account, credit card account, utility account,etc.) associated with the secure information as indicated by thesections 608, 610, 612 of the user interface 600, respectively. Acategory type may include a type or transaction or other informationregarding a transaction for a particular account (e.g., purchase of aparticular item, payments, deposits, withdrawals, etc.). In someaspects, the integration server device 102 may position the integratedsecure information on the user interface 600 based on the memorylocation of the database 104 in which the secure host information andthe secure third-party information is stored. In one example, the memorylocations may be associated based on the type of information stored inthe memory locations as described in FIG. 3. The secure host informationand the secure third-party information may include a type “CheckingAccount” and display the secure host information (e.g., Host Checking)and the secure third-party information (e.g., First Third-PartyChecking) in the section 608 labeled Checking and Savings based on theassociation between the memory locations storing the checkinginformation in the database 104.

In some aspects, the user interface may include selection options toallow a user to see additional secure information related to a displayedaccount. For example, in the sections 608, 610, 612 corresponding to thedifferent information types, the secure information listed (e.g., theHost Checking, the First Third-Party Checking, the Host Credit Card, andthe Third-Party Investment) may be selectable (e.g., via a hyperlink) bythe user. In response to a selection of an account, the integrationserver device 102 may cause additional secure information correspondingto the account to be displayed.

FIG. 7 shows an example of a user interface 700 that may be generated bythe integration server device 102 in response to a selection of aselection option corresponding to secure user information in FIG. 6according to some aspects of the present disclosure. For example, FIG. 7may be generated in response to a selection of the Host Checking accounttin FIG. 6 and show transactions that have occurred for the account.

The user interface 700 includes a list of secure transactions 702corresponding to the selected account. Different information about eachsecure transaction 702 is listed included in labeled rows, including adate, description, category, and amount of the transaction 702. In someaspects, the transactions may be stored in memory locations based on thecategory type associated with the secure transaction as described inFIG. 3. For example, the secure host information may include both theAug. 30, 2016 and the Aug. 25, 2016 secure transactions stored inassociated memory locations based on their having the common categorytype “Deposits.” In some aspects, different metrics may be generated byaggregating the associated information based on the category type.

For example, FIG. 8 shows an example of a user interface 800 including agraphical representation 802 of a total value (e.g., transaction amount)associated with the secure transactions aggregated by category type. Thegraphical representation 802 corresponds to a variant of a pie chart(e.g., a doughnut chart or circle graph) illustrating the aggregateamounts of the transactions by category in relation to the total amountof purchases for the account. The user interface 800 also includes alist 804 corresponding to the graphical representation 802 with anaggregate total amount for each transaction category.

Modifying the Integrated Secure Information

FIG. 9 is a flow chart of a process for modifying the integrated secureinformation according to one aspect of the present disclosure.

In block 900, the integration server device 102 generates a userinterface displaying the user integrated secure information. The userinterface may also include one or more selection options to allow theuser to modify the displayed secure host information or the securethird-party information. In FIG. 6, user interface 600 displaysintegrated secure information as described above in block 422 of FIG. 4.In some aspects, integrated secure information may be displayed asselection options to allow the user to modify the respective piece ofsecure information selected. For example, user interface 600 showssecure host information including an account balance of $24,760.00 in ahost checking account. The user may be able to modify the secure hostinformation by selecting the account balance. The user may select theaccount balance via a mouse, touch screen, or other selection deviceavailable on the user device 110. Similarly, the secure third-partyinformation may also be selected to modify the secure third-partyinformation (e.g., selecting the account balance of $10,135.00 of thefirst third-party checking account to modify the secure third-partyinformation). Selection of the option to modify the secure hostinformation or the secure third-party information may transmit a requestto the integration server device 102 to modify the secure informationselected.

Returning to FIG. 9, in block 902, the integration server device 102determines whether the user has selected an option to modify the securehost information or the secure third-party information. In some aspects,the determination may be based on the selection of an option on a userinterface as described in block 900 or as shown in user interface 600 ofFIG. 6. For example, the selection of the secure host information maytransmit a request to the integration server device 102 to modify thesecure host information corresponding to the selection. The request mayinclude an identifier that the integration server device 102 interpretsas a request to modify to the secure host information corresponding tothe identifier and the selection of the user. Similarly, the selectionof the secure third-party information may transmit a request to theintegration server device 102 including an identifier that theintegration server device 102 interprets as a request to modify to thesecure third-party information corresponding to the identifier and theselection of the user. In some aspects, the secure third-partyinformation may be stored on a single third-party system 106 hosted by asingle third party. In other aspects, the secure third-party informationmay include third-party information stored on separate third-partysystems 106 hosted by of different third parties.

In block 904, the integration server device 102 generates a userinterface to receive host modification information from the user. Theuser interface may be generated by the integration server device 102 inresponse to a determination by the integration server device 102 thatthe user has elected to modify the secure host information displayed onthe user interface displaying the integrated secure informationdescribed in block 900. The user interface for receiving the hostmodification information may include selection or input options to allowthe user to enter host modification information corresponding toinstructions for how to modify the secure host information. Returning tothe example user interface shown in Screenshot B, the user may wish totransfer money from the host account shown as the secure hostinformation. The user interface may include selection or input optionsto facilitate the transfer of money from the host account to a recipientaccount. In some aspects, the integration server device 102 may generatea series of user interfaces to facilitate the transaction. One or moreof the user interfaces may include an additional option to execute thetransfer. In response to selection of the additional option, the hostmodification information may be transferred to the integration serverdevice 102 for modifying the secure host information.

In block 906, the integration server device 102 receives the hostmodification information. In some aspects, the integration server device102 may receive the host modification information subsequent to thetransmission of the host modification information in response to theselection of an option by the user to execute a transaction.

In block 908, the integration server device 102 modifies the hostinformation based on the host modification information received. In someaspects, the integration server device 102 may directly or indirectly(through another host system) execute the transaction. Specifically, theintegration server device 102 may modify the host account to reflect awithdrawal in the amount requested by the user and reflected in the hostmodification information (e.g., the integration server device 102 maysubtract the amount to be transferred from the host account). In someaspects, the integration server device 102 may also modify the recipientaccount to which the user requested money to be transferred bydepositing into the recipient account the amount requested by the userand reflected in the host modification information. The modified accountbalance or other secure host information may be stored in the memorylocation of the database 104 to replace the previous information.

In block 910, the integration server device 102 retrieves updatedintegrated secure information. The updated integrated secure informationincludes the modified secure host information stored in the database 104and the secure third-party information associated with the modifiedsecure host information in the database 104 The updated integratedsecure information may reflect any modifications to the secure hostinformation or the secure third-party information. For example, theintegration server device 102 may retrieve the secure third-partyinformation as described in block 418 of FIG. 4. The integration serverdevice 102 may also retrieve the secure host information as described inblock 420 of FIG. 4.

In block 912, the integration server device 102 generates a userinterface to display the refreshed integrated secure information asdescribed in block 422 of FIG. 4. The refreshed integrated secureinformation may include the secure host information and the securethird-party information reflecting any modifications or changes to thesecure host information or the secure third-party information. In someaspects, the changes to the integrated secure information may be basedon a transaction executed by the host system 100 or another systemhaving access to either the secure host information or the securethird-party information. For example, a host system communicativelycoupled to the host system 100 may access the secure host information toexecute a financial transaction previously initiated by the user (e.g.,a purchase made at a retailer using a transaction card associated withthe account corresponding to the secure host information may besubsequently executed by the host system). The refreshed integratedsecure information may reflect both the modification of the secure hostinformation described in blocks 402-404 of FIG. 4 as well as themodification to the account by the host system.

In block 914, the integration server device 102 retrieves thethird-party authentication information for the user to access the securethird-party information. Retrieving the third-party authenticationinformation may be in response to a determination by the integrationserver device 102 that the user has elected to modify the securethird-party information displayed on the user interface displaying theintegrated secure information described in block 902. The third-partyauthentication information may be associated with the user identifierstored in the database device 104 and may be retrieved from the databasedevice 104 to transmit to the third party.

In block 916, the integration server device 102 retrieves interfacecontent 216 from the memory 202 of the integration server device 102 orother appropriate storage device. In some aspects, the user interfacecomponents may include java script, HTML, or other computer-readableinstructions for generating headings, banners, images (e.g., logos ofthe host party), or other elements of a user interface having visualsimilarities to the user interfaces generated by the integration serverdevice 102.

In block 918, the integration server device 102 transmits a request tothe third party for the secure third-party information. The request mayinclude the third-party authentication information and the interfacecontent 216. The third-party system 106 may authenticate the host system100 on the third-party system 106 and utilize the user interfacecomponents to generate a user interface that appears to be hosted by thehost system 100. The user interface generated by the third-party system106 may allow the user to modify the secure third-party information. Therequest may be transmitted to the third-party system 106 from the hostsystem 100 via the network 108 or the service bus 112.

The process of FIG. 9 returns to block 910, where the integration serverdevice 102 retrieves the updated integrated secure information.

In some aspects, the host system 100 may require that the user providethe third-party authentication information prior to authenticating theuser on the third-party system 106 as described in block 914. Forexample, the third-party authentication information associated with theuser in the database device 104 may not correspond to the informationrequired by the third-party system 106 for authenticating the user toretrieve the secure third-party information (e.g., the user may havemodified a password for accessing the third-party system 106 subsequentto accessing the host system 100). The integration server device 102 maygenerate the user interface displaying the integrated secure informationto include secure third-party information previously stored in thedatabase device 104 subsequent to a prior retrieval of the securethird-party information.

FIG. 10 shows an example of a user interface 1000 displaying securethird-party information according to some aspects of the presentdisclosure. The secure third-party information includes two accountbalances: (1) a “Checking” account balance of $1000.00, and (2) a“Savings” account balance of $1600.00. Included with the display of thesecure third-party information is text indicating when the securethird-party information was retrieved from the third-party system 106.For instance, the “Regular Checking” account shows that the $1000.00account balance is as of two weeks prior to the present date and the“Regular Savings” account shows that the $1600.00 account balance is asof Aug. 29, 2016.

The user interface includes hazard symbols proximate to the total,“Total $47,673.46,” and proximate to the “Regular Checking” account. Thehazard symbols may indicate that the secure third-party informationdisplayed on the user interface 1000 is not updated as of the presentdate. In response to a selection of the hazard symbols (e.g., hoveringover the hazard symbol, clicking the hazard symbol via a mouse ortouchscreen), the integration server device 102 includes a message 1002on the user interface indicating that the third-party authenticationinformation is not updated. For example, Screenshot E shows a message inresponse to a selection of the hazard symbol proximate to the “RegularChecking” account. The message indicates that the third-partyauthentication information stored in the database device 104 andassociated with the user may be insufficient to access the third-partysystem 106 for retrieving updated secure third-party information. Themessage includes additional selection options, such as the hyperlinkedtext labeled “update your log on information” to allow the user tomodify third-party authentication information associated with the user.In response to selecting the hyperlinked text to update the third-partyauthentication information, the integration server device 102 maygenerate one or a series of user interfaces to receive updatedthird-party authentication information as input. The integration serverdevice 102 may update the memory location including the outdatedauthentication information with the new third-party authenticationinformation to associate the third-party authentication information withthe user identifier.

The foregoing description of the examples, including illustratedexamples, of the invention has been presented only for the purpose ofillustration and description and is not intended to be exhaustive or tolimit the invention to the precise forms disclosed. Numerousmodifications, adaptations, and uses thereof will be apparent to thoseskilled in the art without departing from the scope of this invention.The illustrative examples described above are given to introduce thereader to the general subject matter discussed here and are not intendedto limit the scope of the disclosed concepts.

1. A system comprising: a processor; and a memory device accessible tothe processor and comprising instructions that are executable by theprocessor to cause the processor to: authenticate a user of a userdevice to access secure host information associated with the user;transmit a first request to a third-party system to access securethird-party information stored by a third-party, the first requestincluding third-party authentication information associated with theuser and usable for authenticating a host party with the third-partysystem; receive secure third-party information corresponding to the userfrom the third-party system; create a graphical user interface thatincludes the secure host information and the secure third-partyinformation positioned in the graphical user interface based on arelationship between the secure host information and the securethird-party information; and transmit a second request for modifying thesecure third-party information to the third-party system, the secondrequest including the third-party authentication information.
 2. Thesystem of claim 1, wherein the memory device comprises instructions thatare executable by the processor to cause the processor to: transmit athird request for updated secure third-party information to thethird-party system, the third request including the third-partyauthentication information; receive the updated secure third-partyinformation; and create an updated graphical user interface includingthe secure host information and the updated secure third-partyinformation.
 3. (canceled)
 4. The system of claim 1, wherein the secondrequest includes interface instructions usable by the third-party systemto generate a user interface having visual elements associated with thehost party.
 5. The system of claim 1, wherein the memory devicecomprises instructions that are executable by the processor to cause theprocessor to retrieve the secure third-party information from thethird-party system using the third-party authentication information inresponse to authenticating the user based on host authenticationinformation.
 6. The system of claim 1, wherein the memory devicecomprises instructions that are executable by the processor to cause theprocessor to determine one or more aggregated values based on the securehost information and the secure third-party information.
 7. The systemof claim 6, wherein the memory device further comprises instructionsthat are executable by the processor to cause the processor to generatea user interface including a graphical representation of the one or moreaggregated values.
 8. A method comprising: authenticating, by aprocessing device of a system, a user of a user device to access securehost information associated with the user; transmitting, by theprocessing device, a first request to a third-party system to accesssecure third-party information stored by a third-party, the firstrequest including third-party authentication information associated withthe user and usable for authenticating a host party by the third-partysystem; receiving, by the processing device, secure third-partyinformation corresponding to the user from the third-party system;creating, by the processing device, a graphical user interface thatincludes the secure host information and the secure third-partyinformation positioned in the graphical user interface based on arelationship between the secure host information and the securethird-party information; and transmitting, by the processing device, asecond request for modifying the secure third-party information to thethird-party system, the second request including the third-partyauthentication information.
 9. The method of claim 8, furthercomprising: transmitting a third request for updated secure third-partyinformation to the third-party system, the third request including thethird-party authentication information; receiving the updated securethird-party information; and creating an updated graphical userinterface including the secure host information and the updated securethird-party information.
 10. (canceled)
 11. The method of claim 8,wherein the second request includes interface instructions usable by thethird-party system to generate a user interface having visual elementsassociated with the host party.
 12. The method of claim 8, furthercomprising retrieving the secure third-party information from thethird-party system using the third-party authentication information, inresponse to authenticating the user based on host authenticationinformation.
 13. The method of claim 8, further comprising determiningone or more aggregated values based on the secure host information andthe secure third-party information.
 14. The method of claim 13, furthercomprising generating a user interface including a graphicalrepresentation of the one or more aggregated values.
 15. Anon-transitory computer-readable medium comprising program code that isexecutable by a processor for causing the processor to: authenticate auser of a user device to access secure host information associated withthe user; transmit a first request to a third-party system to accesssecure third-party information stored by a third-party, the firstrequest including third-party authentication information associated withthe user and usable for authenticating a host party by the third-partysystem; receive secure third-party information corresponding to the userfrom the third-party system; create a graphical user interface thatincludes the secure host information and the secure third-partyinformation positioned in the graphical user interface based on arelationship between the secure host information and the securethird-party information; and transmit a second request for modifying thesecure third-party information to the third-party system, the secondrequest including the third-party authentication information.
 16. Thenon-transitory computer-readable medium of claim 15, further comprisingprogram code that is executable by the processor to cause the processorto: transmit a third request for updated secure third-party informationto the third-party system, the third request including the third-partyauthentication information; receive the updated secure third-partyinformation; associate the updated secure third-party information withthe secure host information in a database; and create an updatedgraphical user interface including the secure host information and theupdated secure third-party information.
 17. (canceled)
 18. Thenon-transitory computer-readable medium of claim 15, wherein the secondrequest includes interface content usable by the third-party system togenerate a user interface for modifying the secure third-partyinformation, and wherein the interface content includes interfaceinstructions usable by the third-party system to generate the userinterface having visual elements associated with the host party.
 19. Thenon-transitory computer-readable medium of claim 15, further comprisingprogram code that is executable by the processor to cause the processorto retrieve the secure third-party information from the third-partysystem using the third-party authentication information, in response toauthenticating the user based on host authentication information. 20.The non-transitory computer-readable medium of claim 15, furthercomprising program code that is executable by the processor to cause theprocessor to determine one or more aggregated values based on the securehost information and the secure third-party information.